Re: iptables and NAT [SOLVED]

2011-01-28 Thread Jatin K
On Friday 28 January 2011 04:37 PM, Jorge Fábregas wrote: > On 01/28/2011 01:11 AM, Jatin K wrote: >> um target prot opt source destination >> 2 DNAT all -- 0.0.0.0/0 192.168.131.133 tcp dpt:80 >> to:192.168.131.131:80 > This line doesn't look right.

Re: iptables and NAT [SOLVED]

2011-01-28 Thread Jatin K
On Friday 28 January 2011 07:42 PM, Tim wrote: > On Fri, 2011-01-28 at 15:31 +0530, Jatin K wrote: >> yes it is > Is there a device ahead of this that is firewalling? yes there is a Linksys ADSL router ( with basic firewall with only port 80 is mapped to internal port 80 ) > Because if you're

Re: iptables and NAT [SOLVED]

2011-01-28 Thread Tim
On Fri, 2011-01-28 at 15:31 +0530, Jatin K wrote: > yes it is Is there a device ahead of this that is firewalling? Because if you're providing a website accessible to the public, there's no doubt that someone will try to hack you. If you were doing what was discussed earlier on (putting in acces

Re: iptables and NAT [SOLVED]

2011-01-28 Thread Jorge Fábregas
On 01/28/2011 01:11 AM, Jatin K wrote: > um target prot opt source destination > 2 DNAT all -- 0.0.0.0/0 192.168.131.133 tcp dpt:80 > to:192.168.131.131:80 This line doesn't look right. Is it doing DNAT for the host 192.168.131.133 (converting it to

Re: iptables and NAT [SOLVED]

2011-01-28 Thread Jatin K
On Friday 28 January 2011 02:00 PM, Tim wrote: > On Fri, 2011-01-28 at 10:41 +0530, Jatin K wrote: >> I've got it working and it works like anything ... >> >> This[1] is the output of command service iptables status >> >> >> -[1]-- >>

Re: iptables and NAT [SOLVED]

2011-01-28 Thread Tim
On Fri, 2011-01-28 at 10:41 +0530, Jatin K wrote: > I've got it working and it works like anything ... > > This[1] is the output of command service iptables status > > > -[1]-- > > Table: nat > Chain PREROUTING (policy ACCEPT) >

Re: iptables and NAT [SOLVED]

2011-01-27 Thread Jatin K
On Wednesday 26 January 2011 10:21 PM, Tim wrote: > On Wed, 2011-01-26 at 21:27 +0530, Jatin K wrote: >> I'm surprised that this kind of thing/action can be taken by the ISP > Over here, in Australia... > > Some ISPs block port 80 by default, though you may enable it. I seem to > recall that was an

Re: iptables and NAT

2011-01-26 Thread Tim
On Wed, 2011-01-26 at 21:27 +0530, Jatin K wrote: > I'm surprised that this kind of thing/action can be taken by the ISP Over here, in Australia... Some ISPs block port 80 by default, though you may enable it. I seem to recall that was an ISP-reaction to a worm. Some ISPs block port 80, unless yo

Re: iptables and NAT

2011-01-26 Thread Jatin K
On Wednesday 26 January 2011 01:06 AM, Gene Heskett wrote: > On Tuesday, January 25, 2011 02:28:15 pm Jatin K did opine: > >> On Tuesday 25 January 2011 10:44 PM, Tim wrote: >>> On Wed, 2011-01-26 at 01:13 +1030, Tim wrote: Then, you've got several things to think about: >>> Another one: Does

Re: iptables and NAT

2011-01-26 Thread Jatin K
On Wednesday 26 January 2011 04:44 AM, Jorge Fábregas wrote: > On 01/25/2011 01:13 PM, Jatin K wrote: >> iptables -t nat -A PREROUTING -d xx.xx.xx.xx -t tpc --dport 80 -j DNAT >> --to-destination 192.168.131.131 > Ok, assuming your default policy is to drop, I think you'll need this rule: > > iptab

Re: iptables and NAT

2011-01-25 Thread Tim
On Tue, 2011-01-25 at 22:43 +0530, Jatin K wrote: > setup is likeADSL> NIC 1 of firewall NIC 2 connects to the > webserver > > if any request arrives to live ip on ADSL Router it sends it to the > firewall ( I've tested it by running httpd on firewall and it works > fine ) Okay, I've

Re: iptables and NAT

2011-01-25 Thread Gene Heskett
On Tuesday, January 25, 2011 08:40:02 pm Joe Zeff did opine: > On 01/25/2011 11:36 AM, Gene Heskett wrote: > > They block only the incoming port 80's so that if Joe & Judy > > Lunchbucket want a web page, they have to use the ISP's servers, > > which the ISP then wraps in advertising for additiona

Re: iptables and NAT

2011-01-25 Thread Joe Zeff
On 01/25/2011 11:36 AM, Gene Heskett wrote: > They block only the incoming port 80's so that if Joe & Judy Lunchbucket > want a web page, they have to use the ISP's servers, which the ISP then > wraps in advertising for additional revenue. Or do what I do: host it at a third-party webhosting servi

Re: iptables and NAT

2011-01-25 Thread Jorge Fábregas
On 01/25/2011 01:13 PM, Jatin K wrote: > iptables -t nat -A PREROUTING -d xx.xx.xx.xx -t tpc --dport 80 -j DNAT > --to-destination 192.168.131.131 Ok, assuming your default policy is to drop, I think you'll need this rule: iptables -A FORWARD -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEP

Re: iptables and NAT

2011-01-25 Thread Gene Heskett
On Tuesday, January 25, 2011 02:28:15 pm Jatin K did opine: > On Tuesday 25 January 2011 10:44 PM, Tim wrote: > > On Wed, 2011-01-26 at 01:13 +1030, Tim wrote: > >> Then, you've got several things to think about: > > Another one: Does your ISP block remote access to port 80. > > no they do not .

Re: iptables and NAT

2011-01-25 Thread Gene Heskett
On Tuesday, January 25, 2011 02:26:02 pm Tim did opine: > On Wed, 2011-01-26 at 01:13 +1030, Tim wrote: > > Then, you've got several things to think about: > Another one: Does your ISP block remote access to port 80. > > I forgot about that, lots of ISPs do that. Which is why I have a :85 in my

Re: iptables and NAT

2011-01-25 Thread Jatin K
On Tuesday 25 January 2011 10:44 PM, Tim wrote: > On Wed, 2011-01-26 at 01:13 +1030, Tim wrote: >> Then, you've got several things to think about: > Another one: Does your ISP block remote access to port 80. > no they do not I'm very sure about that > I forgot about that, lots of ISPs do th

Re: iptables and NAT

2011-01-25 Thread Tim
On Wed, 2011-01-26 at 01:13 +1030, Tim wrote: > Then, you've got several things to think about: Another one: Does your ISP block remote access to port 80. I forgot about that, lots of ISPs do that. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my add

Re: iptables and NAT

2011-01-25 Thread Jatin K
On Tuesday 25 January 2011 08:13 PM, Tim wrote: > On Tue, 2011-01-25 at 19:33 +0530, Jatin K wrote: >> I've tested this function through other ISP ( from my other branch ) >> and also checked it from my phone on 3G network > Then, you've got several things to think about: > > Firewall. Is it

Re: iptables and NAT

2011-01-25 Thread Rick Sewill
On Tuesday, January 25, 2011 09:12:07 am Ian Pilcher wrote: > What is the default gateway on the web server? It's possible that > packets are getting through the "gateway" server just fine, but getting > lost on the way back. Can the OP run wireshark and look for the packets? Also, if one does

Re: iptables and NAT

2011-01-25 Thread Ian Pilcher
What is the default gateway on the web server? It's possible that packets are getting through the "gateway" server just fine, but getting lost on the way back. -- Ian Pilcher arequip.

Re: iptables and NAT

2011-01-25 Thread Tim
On Tue, 2011-01-25 at 19:33 +0530, Jatin K wrote: > I've tested this function through other ISP ( from my other branch ) > and also checked it from my phone on 3G network Then, you've got several things to think about: Firewall. Is it getting in the way, before or after the NAT rule? Is

Re: iptables and NAT

2011-01-25 Thread Jatin K
On Tuesday 25 January 2011 07:08 PM, Tim wrote: > On Tue, 2011-01-25 at 17:47 +0530, Jatin K wrote: >> I got your point replaced NAT with nat ... saved iptables with >> service iptable save >> >> but server is not forwarding the packets to the web server >> >> if i try http://xx.xx.xx.xx ( live i

Re: iptables and NAT

2011-01-25 Thread Tim
On Tue, 2011-01-25 at 17:47 +0530, Jatin K wrote: > I got your point replaced NAT with nat ... saved iptables with > service iptable save > > but server is not forwarding the packets to the web server > > if i try http://xx.xx.xx.xx ( live ip ) .. .. no page is displayed > > what it could

Re: iptables and NAT

2011-01-25 Thread Jatin K
On Tuesday 25 January 2011 06:16 PM, Jorge Fábregas wrote: > On 01/25/2011 08:17 AM, Jatin K wrote: >> but server is not forwarding the packets to the web server > Besides the NAT rule, you'll need a forward rule (as that traffic is not > for the machine hosting the firewall). I think you'll need

Re: iptables and NAT

2011-01-25 Thread Dan Catana
Hi, On the server where you have the web page you have iptables up and blocking the 80 port? The service is up and running? It's accepting connection from all interfaces, not only on localhost? On Tue, Jan 25, 2011 at 2:17 PM, Jatin K wrote: > On Tuesday 25 January 2011 05:07 PM, Jorge Fáb

Re: iptables and NAT

2011-01-25 Thread Jorge Fábregas
On 01/25/2011 08:17 AM, Jatin K wrote: > but server is not forwarding the packets to the web server Besides the NAT rule, you'll need a forward rule (as that traffic is not for the machine hosting the firewall). I think you'll need something like: iptables -A FORWARD -d 192.168.131.131 -p tcp --

Re: iptables and NAT

2011-01-25 Thread Jatin K
On Tuesday 25 January 2011 05:07 PM, Jorge Fábregas wrote: > On 01/25/2011 06:15 AM, Jatin K wrote: >> iptables -t NAT -A PREROUTING -d xx.xx.xx.xx -J DNAT --to-destination >> 192.168.131.131 >> >> but it ends with following error > Hi, > > The names of the tables are case-sensitive. It should be

Re: iptables and NAT

2011-01-25 Thread JB
Jatin K writes: > ... > Dear All > I'm trying to configure iptables with Network Address Translation > ... > iptables v1.3.5: can’t initialize iptables table `nat’: Table does > not exist (do you need to insmod?) > Perhaps iptables or your kernel needs to be upgra

Re: iptables and NAT

2011-01-25 Thread Jorge Fábregas
On 01/25/2011 06:15 AM, Jatin K wrote: > iptables -t NAT -A PREROUTING -d xx.xx.xx.xx -J DNAT --to-destination > 192.168.131.131 > > but it ends with following error Hi, The names of the tables are case-sensitive. It should be nat instead of NAT. HTH, Jorge

iptables and NAT

2011-01-25 Thread Jatin K
Dear All I'm trying to configure iptables with Network Address Translation Scenario is like server 1 with IP address 192.168.131.131 is running httpd server 2 with two NIC, one is xx.xx.xx.xx ( live ip ) and another is 192.168.131.133, --- I run following command on server 2 ( which is goi